From 42ffa6082a336662b9884f966be6a4e3ecd2cdd7 Mon Sep 17 00:00:00 2001
From: Sayan Paul <saypaul@redhat.com>
Date: Tue, 2 Aug 2022 07:58:50 +0000
Subject: [PATCH 1/2] fix(passwordless_login): login with ssh key only

for security reason login with password is disabled for user created
during device onboarding
user created will able to login only using ssh key passed via
service info config.

Signed-off: Sayan Paul <paul.sayan@gmail.com>
---
 client-linuxapp/src/serviceinfo.rs | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/client-linuxapp/src/serviceinfo.rs b/client-linuxapp/src/serviceinfo.rs
index 8ac71cee8..6b07039e4 100644
--- a/client-linuxapp/src/serviceinfo.rs
+++ b/client-linuxapp/src/serviceinfo.rs
@@ -69,6 +69,25 @@ fn create_user(user: &str) -> Result<()> {
     Ok(())
 }
 
+fn set_passwordless_login(user: &str) -> Result<()> {
+    let user_info = passwd::Passwd::from_name(user);
+    if user_info.is_none() {
+        bail!("User {} for passwordless login missing", user);
+    }
+    log::info!("Setting passwordless login for user: {}", user);
+    Command::new("passwd")
+        .arg("-d")
+        .arg(user)
+        .spawn()
+        .context("Error spawning passwordless setup command")?
+        .wait()
+        .context(format!(
+            "Error setting up passwordless login for user {}",
+            user
+        ))?;
+    Ok(())
+}
+
 fn install_ssh_key(user: &str, key: &str) -> Result<()> {
     let user_info = passwd::Passwd::from_name(user);
     if user_info.is_none() {
@@ -627,6 +646,8 @@ async fn process_serviceinfo_in(si_in: &ServiceInfo, si_out: &mut ServiceInfo) -
         ))?;
         install_ssh_key(sshkey_user.as_ref().unwrap(), sshkey_key.as_ref().unwrap())
             .context("Error installing SSH key")?;
+        set_passwordless_login(sshkey_user.as_ref().unwrap())
+            .context("Error setting up passwordless login")?;
     }
 
     // Perform RHSM

From 3aa6bcf264422a9d93541c8181b90c95eef783bb Mon Sep 17 00:00:00 2001
From: Irene Diez <idiez@redhat.com>
Date: Tue, 20 Dec 2022 11:29:29 +0100
Subject: [PATCH 2/2] chore: drop update test timeout

Signed-off-by: Irene Diez <idiez@redhat.com>
---
 integration-tests/tests/e2e.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/integration-tests/tests/e2e.rs b/integration-tests/tests/e2e.rs
index a5c02ca54..549705bc1 100644
--- a/integration-tests/tests/e2e.rs
+++ b/integration-tests/tests/e2e.rs
@@ -372,7 +372,7 @@ where
                     .env("ALLOW_NONINTEROPERABLE_KDF", &"1");
                 Ok(())
             },
-            Duration::from_secs(60),
+            Duration::from_secs(120),
         )
         .context("Error running client")?;
     output.expect_success().context("client failed")?;